Call for Papers - FIRST 2002
r-safian at nwu.edu
Fri Aug 24 18:40:18 GMT 2001
14th Annual Computer Security
Incident Handling Conference
Hilton Waikoloa Village, Hawaii
June 24-28, 2002
Call for Papers
This text is also available at
The Forum of Incident Response and Security Teams (FIRST,
http://www.first.org/) is a global organization whose aim is to
facilitate the sharing of security-related information and to foster
cooperation in the effective prevention, detection, and recovery
from computer security incidents. Its members are CSIRTs (Computer
Security Incident Response Teams) from government, commercial,
academic, and other environments.
The FIRST conference ( http://www.first.org/conference/2002/) brings
together IT managers, system and network administrators, security
specialists, academics, security solutions vendors, CSIRT personnel
and anyone interested in
* the most advanced techniques in detecting and responding to
computer security incidents
* the latest improvements in computer security tools, methodologies,
* sharing their views and experiences with those in the computer
security incident response field
The conference is a five day event, comprising two days of tutorials
and three days of technical sessions which include refereed paper
presentations, invited talks, and panel discussions.
The conference will discuss the most recent practical issues in
computer and network security, focusing on incident response.
The program committee solicits original contributions on the
* Incident Response
o large computer virus outbreaks
o Distributed Denial-of-Service (DDOS) attacks
o Privacy and Intellectual Property incidents
o insider incident response
o intrusion detection, analysis, and response automation
o collecting evidence
o computer and network forensics
* CSIRT Operation and Tools
o CSIRT Best Practices
o automation of CSIRT operations
o informing customers of new security threats (vulnerabilities,
exploitation tools, viruses, etc.)
o vulnerability analysis and advisory process
o drafting incident response and security policies
o experience with security tools, both commercial and free,
both experimental and stable
o new approaches to attack analysis
o OS-specific log analysis tools
o multi-source intrusion detection analysis
* Response Team Cooperation and Legal Issues
o coordinating international incident handling
o trust relationships in incident response
o international legal and liability in incident response
o dealing with black hats
* New Technologies, New Vulnerabilities
o impact of new technologies (IPSEC and others) on incident
o vulnerabilities in WAP enabled web applications
o vulnerabilities in PDA and Pocket PC's
o forensics on wireless devices
o experiences with deploying VoIP
o commercial shopping and banking systems
* Other Topics
o competition, espionage, and information warfare
o secure system and network administration
o secure programming techniques and practices
o Internet service providers and security
o intruder profiling
o outsourcing security -- managed security services
Three tutorial tracks are planned:
* The first track is oriented toward IT managers and will deal
with topics such as drafting security policies incorporating
policies for incident response, computer forensics, setting
up security infrastructures, etc.
* The second track is oriented toward technical staff and will
provide in-depth information on security tools, designing
security architectures, intrusion detection and monitoring
tools, web security, etc. - in particular COMPUTER FORENSICS
is a special interest topic this year.
* The third track is tailored for people interested in building
and organizing an incident response team or related services
like security advisories, vulnerability analysis, etc.
Proposals are solicited from experts interested in giving a tutorial.
Tutorials may be half or full day in length and can cover topics
either at an introductory or advanced level.
All tutorial submissions will be handled electronically. Authors
should email the completed submission form (attached below) to
tuto2002 at first.org.
Individuals interested in submitting tutorial proposals are encouraged
to contact the program chair
before the deadline to discuss the proposed content.
Panels are solicited that examine innovative, controversial, or
otherwise provocative issues of interest.
All panel submissions will be handled electronically. Authors
should e-mail the completed submission form (attached below) to
panel2002 at first.org.
A reduction of the conference fee will be offered to panel organizers.
Authors are invited to submit papers, preferably in PostScript or
PDF format (RTF and HTML are also accepted). The length should not
exceed 12 pages typeset in a 12-point font. A detailed synthesis
(2 pages minimum) will be considered if it gives a clear reflection
of the contents and key points of the coming paper.
All paper submissions will be handled electronically. Authors
should email a version of their paper and the completed submission
form (attached below) to paper2002 at first.org.
Authors will receive an immediate notification of the successful
receipt of the file containing their paper. Subsequently, a second
notification of receipt will be sent after the paper has been
A reduction of the conference fee will be offered to one author of
each accepted paper.
Process of Selection
Papers, tutorials, and panels will be evaluated by the program
committee based on their quality and relevance. Each proposal will
be reviewed by at least three independent reviewers, whose reviews
will be relayed to the corresponding author. All submissions are
held in confidentiality prior to publication in the proceedings.
Submissions received after the deadline will not be considered
unless an extension has been granted. Authors must obtain employer,
client, or government releases prior to submitting the final
Accepted papers will be presented by their authors and will be
published in the conference proceedings. The proceedings are provided
free of charge to conference attendees. Additional copies will be
available for purchase at the conference.
FIRST requires a non exclusive copyright license for all the papers
presented at the conference and for the presentation material. This
includes potential distribution on a conference CD and/or the FIRST
Submission deadline: November 16, 2001
Notification of acceptance: January 11, 2002
Final version of the paper due: March 11, 2002
Final presentation material
(slides) due: May 1, 2002
Note that tutorial and panel proposals, as well as papers (or
detailed syntheses, as described above) are expected to arrive
prior to the submission deadline (NOVEMBER 16) in order to be
If you have questions about the submission process, don't hesitate
to send them to the appropriate email address:
* paper2002 at first.org
* tuto2002 at first.org
* panel2002 at first.org
Cristina SERBAN (Chair), chair2002 at first.org - AT&T Labs, USA
Anne BENNETT - Concordia University - Canada
David CROCHEMORE - CERT Renater - France
Kathy FITHEN - PriceWaterhouseCoopers - USA
Dan GARRETT - ETG Inc. - USA
Klaus-Peter KOSSAKOWSKI - Germany
Larry LEIBROCK - eforensic - USA
Xing LI - CCERT - China
Chaeho LIM - CERTCC-KR - Korea
Francisco MONSERRAT COLL - IRIS-CERT - Spain
David MAILLARD - Intexxia - France
David MORTMAN - Siebel Systems - USA
Claudia NATANSON - British Telecom - UK
Steve ROMIG - Ohio State University - USA
Roger SAFIAN - Northwestern University - USA
Kurt SAUER - Sun Microsystems - France
Derrick SCHOLL - Sun Microsystems - USA
Elizabeth SIEMERS - Guardent - USA
Gordon STEELE - PARA-PROTECT - USA
Hironobu SUZUKI - JPCERT/CC - Japan
Franck VEYSSET - Intranode - France
Proposal Submission Form
The Proposal Submission Form for the FIRST 2002 Conference is
available on-line at http://www.first.org/conference/2002/submission.txt.
Roger A. Safian
r-safian at nwu.edu (email) public key available on many key servers.
(847) 491-4058 (voice)
(847) 467-5690 (Fax) "You're never too old to have a great childhood!"
More information about the unisog